subspace 3.0.12 → 3.0.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +17 -0
- data/ansible/roles/tailscale/tasks/main.yml +2 -9
- data/lib/subspace/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fd80f06bb8065ca4506d7b4d40c6e001f67b25c9aedf9a0ff513a099a23d98c9
|
|
4
|
+
data.tar.gz: 73eed74a49b776a5e465b57783eaabb7257fd8ea6fa49e0f3c4908c397409468
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 962f2c5c22909b7a9b544cb67a97d70d281dab1afbd24d9873ece20e4d2c45a44449e3102e1bc703b8847bacf10b5b6aa4eeb89487b112034ddf562ad11c74eb
|
|
7
|
+
data.tar.gz: 6101675bde847ffd31133754fb41142214c1128200a8b5815cb90eb313c82e014cb4a117143d71ea402b0da6f60ceea17bd8bc9eb5b2c78b28843687fe819251
|
data/CHANGELOG.md
CHANGED
|
@@ -12,6 +12,9 @@ This project attempts to follow [semantic versioning](https://semver.org/).
|
|
|
12
12
|
|
|
13
13
|
## Unreleased
|
|
14
14
|
|
|
15
|
+
## 3.0.13
|
|
16
|
+
* Allow tailscale to update itself again; bug that required known good version pinning in 3.0.10 has been resolved.
|
|
17
|
+
|
|
15
18
|
## 3.0.12
|
|
16
19
|
* Bugfix: use `exist?`
|
|
17
20
|
|
data/README.md
CHANGED
|
@@ -480,6 +480,23 @@ This will install a monit script that keeps sidekiq running. We spawn one sidek
|
|
|
480
480
|
|
|
481
481
|
Sidekiq uses redis by default, and rails connects to a redis running on localhost by default. However, this role does not depend on redis since in production it's likely redis will be running elsewhere. If you're provisioning a standalone server, make sure to include the redis role.
|
|
482
482
|
|
|
483
|
+
## tailscale
|
|
484
|
+
|
|
485
|
+
This installs/updates the Tailscale package, and adds/authenticates servers to the 10FW Tailnet.
|
|
486
|
+
|
|
487
|
+
**Prerequesites:**
|
|
488
|
+
- Create an auth key within tailscale, appropriately tagged & granted ACL access for the given project.
|
|
489
|
+
- Add `tailscale_auth_key` to the secrets vault for the environment you wish to provision.
|
|
490
|
+
|
|
491
|
+
**Recommendations:**
|
|
492
|
+
|
|
493
|
+
At the top of `config/subspace/{env}.yml`, add a separate block to allow the tailscale role to execute before all other roles. When the tailscale package is updated, the ssh connection will be broken, and it's best to get this out of the way first thing during a maintain or provision.
|
|
494
|
+
|
|
495
|
+
**Force Reauthentication:**
|
|
496
|
+
|
|
497
|
+
To force authentication with the tailnet, use the following tag when provisioning:
|
|
498
|
+
|
|
499
|
+
subspace provision {env} --tags=tailscale_reauth`
|
|
483
500
|
|
|
484
501
|
## Other Internal Roles
|
|
485
502
|
|
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
- tailscale_reauth
|
|
19
19
|
|
|
20
20
|
- name: "Allow tailscale to be installed"
|
|
21
|
+
ignore_errors: yes
|
|
21
22
|
dpkg_selections:
|
|
22
23
|
name: tailscale
|
|
23
24
|
selection: install
|
|
@@ -27,7 +28,7 @@
|
|
|
27
28
|
|
|
28
29
|
- name: "Install tailscale from apt"
|
|
29
30
|
apt:
|
|
30
|
-
name: tailscale
|
|
31
|
+
name: tailscale
|
|
31
32
|
state: present
|
|
32
33
|
allow_downgrade: true
|
|
33
34
|
update_cache: yes
|
|
@@ -35,14 +36,6 @@
|
|
|
35
36
|
- maintenance
|
|
36
37
|
- tailscale_reauth
|
|
37
38
|
|
|
38
|
-
- name: "Prevent tailscale from being upgraded"
|
|
39
|
-
dpkg_selections:
|
|
40
|
-
name: tailscale
|
|
41
|
-
selection: hold
|
|
42
|
-
tags:
|
|
43
|
-
- maintenance
|
|
44
|
-
- tailscale_reauth
|
|
45
|
-
|
|
46
39
|
- name: "Join the tailnet and force reauth"
|
|
47
40
|
become: true
|
|
48
41
|
command: tailscale up --ssh --auth-key={{tailscale_auth_key}} --hostname={{project_name | regex_replace('_', '')}}-{{hostname}} --accept-risk=lose-ssh {{tailscale_options}} --force-reauth
|
data/lib/subspace/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: subspace
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Samson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-12-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -313,7 +313,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
313
313
|
- !ruby/object:Gem::Version
|
|
314
314
|
version: '0'
|
|
315
315
|
requirements: []
|
|
316
|
-
rubygems_version: 3.5.
|
|
316
|
+
rubygems_version: 3.5.23
|
|
317
317
|
signing_key:
|
|
318
318
|
specification_version: 4
|
|
319
319
|
summary: Ansible-based server provisioning for rails projects
|